Extending the AD Schema for SCCM 2012

Extending the Active Directory Schema for System Center Configuraiton Manager 2012

Extending the Active Directory Schema is optional and may be performed at any time. Below are the step by step instructions for two simple methods to apply the schema extenstions.

Method 1: Using ExtADSch.exe
Method 2: Using LDIFDE

SCCM 2012 - AD Schema Extension Attributes & Classes

Schema extensions for SCCM 2012 have not changed from the previous version. If you are upgrading from System Center Configuration Manager 2007, and the Active Directory Schema was already extended, you do not need to make any additional schema changes to support SCCM 2012.

If you are unsure what schema extensions have been made to Active Directory, you can optionally, utilize the Schema extension report script to discover what schema extensions have been applied.

Optional: Schema Extension Report: http://gallery.technet.microsoft.com/scriptcenter/PowerShell-Active-4ffedca4

!!! IMPORTANT: Schema extensions are a forest wide configuration, which is irreversible. Before implementing any Active Directory Schema Extension it should be tested for conflicts against the existing schema. Refer to: http://technet.microsoft.com/en-us/library/testing-for-active-directory-schema-extension-conflicts(WS.10).aspx 

!!! IMPORTANT: Before extending the Schema using ExtAdSch.exe or LDIF, ensure you perform a backup which includes the System State of the Domain Controller holding the Schema Master FSMO role. It is also important that you know the Directory Services Restore Mode (DSRM) password to allow for an authoritative restore of Active Directory if needed.

!!! IMPORTANT: In large Active Directory forests, schema extensions can result in substantial increases in replication traffic. Ensure you understand the risks and impact of the proposed schema modifications before deploying in a production environment.

Method 1: Using ExtADSch.exe

1. Log in to the Active Directory Schema Master with a Schema Admin account.
2. Launch a Command Prompt window as Administrator.
3. From the command line, navigate to the \SMSSETUP\BIN\x64\ directory on where your installation media is located.
4. Execute EXTADSCH.exe.
5. Open C:\extadsch.log and review for any errors.

Figure 1 - Run ExtADSch.exe

Figure 2 - Verify ExtADSch.log for Success

Method 2: Using LDIFDE 

The LDIFDE command line utility provides greater visibility & customization of schema changes. The LDIF configuration file can be located at: .\SMSSETUP\BIN\X64\ConfigMgr_ad_schema.ldf

1. Copy the ConfigMgr_ad_schema.ldf file to a directory on the Schema Master.
2. Open the new copy of ConfigMgr_ad_schema.ldf using Notepad, and replace all instances of “DC=x” with your root domain.
3. Log in to the Active Directory Schema Master with a Schema Admin account.
4. Launch a Command Prompt window as Administrator.
5. Run, “ldifde –i –f ConfigMgr_ad_schema.ldf –v –j <location to store log file>”
6. After the process completes, review the log file created in step 5 to verify the schema was successfully extended.